CVE-2010-1646
NONE EPSS 36.5%
Published Jun 7, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
Threat Intelligence
EPSS Exploit Probability
36.5% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-264
Affected Products 74
| Vendor | Product | Version | Range |
|---|---|---|---|
| todd_miller | sudo | 1.3.1 | any |
| todd_miller | sudo | 1.6 | any |
| todd_miller | sudo | 1.6.1 | any |
| todd_miller | sudo | 1.6.2 | any |
| todd_miller | sudo | 1.6.2p1 | any |
| todd_miller | sudo | 1.6.2p2 | any |
| todd_miller | sudo | 1.6.2p3 | any |
| todd_miller | sudo | 1.6.3 | any |
| todd_miller | sudo | 1.6.3p1 | any |
| todd_miller | sudo | 1.6.3p2 | any |
| todd_miller | sudo | 1.6.3p3 | any |
| todd_miller | sudo | 1.6.3p4 | any |
| todd_miller | sudo | 1.6.3p5 | any |
| todd_miller | sudo | 1.6.3p6 | any |
| todd_miller | sudo | 1.6.3p7 | any |
| todd_miller | sudo | 1.6.4 | any |
| todd_miller | sudo | 1.6.4p1 | any |
| todd_miller | sudo | 1.6.4p2 | any |
| todd_miller | sudo | 1.6.5 | any |
| todd_miller | sudo | 1.6.5p1 | any |
| todd_miller | sudo | 1.6.5p2 | any |
| todd_miller | sudo | 1.6.6 | any |
| todd_miller | sudo | 1.6.7 | any |
| todd_miller | sudo | 1.6.7p1 | any |
| todd_miller | sudo | 1.6.7p2 | any |
| todd_miller | sudo | 1.6.7p3 | any |
| todd_miller | sudo | 1.6.7p4 | any |
| todd_miller | sudo | 1.6.7p5 | any |
| todd_miller | sudo | 1.6.8 | any |
| todd_miller | sudo | 1.6.8p1 | any |
| todd_miller | sudo | 1.6.8p2 | any |
| todd_miller | sudo | 1.6.8p3 | any |
| todd_miller | sudo | 1.6.8p4 | any |
| todd_miller | sudo | 1.6.8p5 | any |
| todd_miller | sudo | 1.6.8p6 | any |
| todd_miller | sudo | 1.6.8p7 | any |
| todd_miller | sudo | 1.6.8p8 | any |
| todd_miller | sudo | 1.6.8p9 | any |
| todd_miller | sudo | 1.6.8p10 | any |
| todd_miller | sudo | 1.6.8p11 | any |
| todd_miller | sudo | 1.6.8p12 | any |
| todd_miller | sudo | 1.6.9 | any |
| todd_miller | sudo | 1.6.9p1 | any |
| todd_miller | sudo | 1.6.9p2 | any |
| todd_miller | sudo | 1.6.9p3 | any |
| todd_miller | sudo | 1.6.9p4 | any |
| todd_miller | sudo | 1.6.9p5 | any |
| todd_miller | sudo | 1.6.9p6 | any |
| todd_miller | sudo | 1.6.9p7 | any |
| todd_miller | sudo | 1.6.9p8 | any |
| todd_miller | sudo | 1.6.9p9 | any |
| todd_miller | sudo | 1.6.9p10 | any |
| todd_miller | sudo | 1.6.9p11 | any |
| todd_miller | sudo | 1.6.9p12 | any |
| todd_miller | sudo | 1.6.9p13 | any |
| todd_miller | sudo | 1.6.9p14 | any |
| todd_miller | sudo | 1.6.9p15 | any |
| todd_miller | sudo | 1.6.9p16 | any |
| todd_miller | sudo | 1.6.9p17 | any |
| todd_miller | sudo | 1.6.9p18 | any |
| todd_miller | sudo | 1.6.9p19 | any |
| todd_miller | sudo | 1.6.9p20 | any |
| todd_miller | sudo | 1.6.9p21 | any |
| todd_miller | sudo | 1.6.9p22 | any |
| todd_miller | sudo | 1.7.0 | any |
| todd_miller | sudo | 1.7.1 | any |
| todd_miller | sudo | 1.7.2 | any |
| todd_miller | sudo | 1.7.2p1 | any |
| todd_miller | sudo | 1.7.2p2 | any |
| todd_miller | sudo | 1.7.2p3 | any |
| todd_miller | sudo | 1.7.2p4 | any |
| todd_miller | sudo | 1.7.2p5 | any |
| todd_miller | sudo | 1.7.2p6 | any |
| todd_miller | sudo | 1.7.2p7 | any |
References 29
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- secunia.com http://secunia.com/advisories/40002
- secunia.com http://secunia.com/advisories/40188
- secunia.com http://secunia.com/advisories/40215
- secunia.com http://secunia.com/advisories/40508
- secunia.com http://secunia.com/advisories/43068
- security.gentoo.org http://security.gentoo.org/glsa/glsa-201009-03.xml
- wiki.rpath.com http://wiki.rpath.com/Advisories:rPSA-2010-0075
- debian.org http://www.debian.org/security/2010/dsa-2062
- mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2010:118
- osvdb.org http://www.osvdb.org/65083
- redhat.com http://www.redhat.com/support/errata/RHSA-2010-0475.html
- securityfocus.com http://www.securityfocus.com/archive/1/514489/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/40538
- securitytracker.com http://www.securitytracker.com/id?1024101
- sudo.ws http://www.sudo.ws/repos/sudo/rev/3057fde43cf0
- sudo.ws http://www.sudo.ws/repos/sudo/rev/a09c6812eaec
- sudo.ws http://www.sudo.ws/sudo/alerts/secure_path.html
- vupen.com http://www.vupen.com/english/advisories/2010/1452
- vupen.com http://www.vupen.com/english/advisories/2010/1478
- vupen.com http://www.vupen.com/english/advisories/2010/1518
- vupen.com http://www.vupen.com/english/advisories/2010/1519
- vupen.com http://www.vupen.com/english/advisories/2011/0212
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=598154
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338